Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/xjl04XB-E2ekPQyxX3l2BzlRM8E.roa
File: xjl04XB-E2ekPQyxX3l2BzlRM8E.roa (raw, json)
Hash identifier: 61u3pHRLGx+KVmSzCOGAUbBkDX3ogrUsC9cOaTW/ACE=
Subject key identifier: C6:39:74:E1:70:7E:13:67:A4:3D:0C:B1:5F:79:76:07:39:51:33:C1
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019050DE26E9DD45D7D2B85089CC67D19D6D
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/xjl04XB-E2ekPQyxX3l2BzlRM8E.roa
Signing time: Tue 25 Jun 2024 19:27:34 +0000
ROA not before: Tue 25 Jun 2024 19:27:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19318
IP address blocks: 2a0f:1584:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 25 Jul 2024 15:44:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:50:de:26:e9:dd:45:d7:d2:b8:50:89:cc:67:d1:9d:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jun 25 19:27:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c63974e1707e1367a43d0cb15f797607395133c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:95:e5:1e:72:b7:da:41:35:bf:08:26:3e:11:
76:cf:ff:2d:ac:f1:35:65:de:8b:a2:bd:9f:f0:32:
20:62:44:c4:20:24:18:2e:a3:8c:3e:66:d5:ee:42:
32:c2:f4:7c:77:f5:9b:75:dc:b3:b0:39:06:15:23:
5d:b9:96:77:68:29:4f:6d:dd:47:08:d9:a2:a7:87:
ff:10:b5:9f:01:0c:b6:76:8f:1b:8c:8e:cf:81:5f:
76:3c:ef:d5:fb:ed:b0:ed:46:23:79:ba:2d:58:8d:
3a:e1:2e:55:e8:b8:03:05:b3:bd:64:e8:0a:9d:1f:
36:aa:de:5c:99:1f:ac:1e:65:91:c4:47:b4:00:78:
25:06:5e:ed:81:c9:c1:58:ad:5a:e8:8a:80:c9:26:
0e:1a:66:ca:b2:03:48:43:8a:1d:a4:58:39:6a:6a:
51:ee:49:58:88:85:77:c1:8b:85:2d:95:e0:a9:e0:
a1:6f:47:ce:d4:c4:54:91:a0:7c:c2:36:c8:58:8b:
cc:d0:96:bc:18:ca:11:ed:ef:92:47:44:89:d1:6a:
92:c2:c8:0a:9a:43:15:30:1d:3e:e6:70:d6:82:a1:
c8:f7:7c:cc:79:ff:3b:a5:e5:d3:44:7c:5e:f8:d8:
13:99:f0:1d:e9:4a:bf:56:01:f9:b0:3c:3c:bd:67:
e7:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:39:74:E1:70:7E:13:67:A4:3D:0C:B1:5F:79:76:07:39:51:33:C1
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/xjl04XB-E2ekPQyxX3l2BzlRM8E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1584:2::/48
Signature Algorithm: sha256WithRSAEncryption
bd:23:3b:21:a7:8e:5d:dd:ab:82:4b:ef:44:b4:22:7a:05:7e:
51:4b:b0:ef:40:e4:79:d2:56:df:80:11:8b:20:be:04:e7:60:
7a:59:2d:66:e9:18:04:1c:20:c3:84:96:ca:36:0b:ca:94:00:
d8:77:9b:be:0e:18:aa:2d:86:d7:cb:6e:c0:dd:e6:11:5a:fd:
ba:ee:ff:d6:15:b0:2b:16:81:38:2c:ff:49:0a:c5:7a:87:fb:
1a:ab:15:f7:8a:07:b3:6e:b3:71:a4:01:a4:32:dc:de:2b:b3:
da:ca:e0:67:81:f7:06:79:b4:b4:20:e8:ef:8d:69:ef:f9:94:
c4:10:e9:7f:ab:e5:cd:3d:b6:fb:40:af:f1:cd:c1:3b:d9:00:
93:ea:ea:13:37:c0:31:9b:ec:67:26:9d:70:16:59:d9:9c:5c:
12:ae:22:96:c5:ac:4a:65:a1:17:aa:ea:ca:2a:79:90:5c:7f:
d6:28:89:5e:1d:39:dc:3c:74:12:a8:a3:2a:47:d7:46:4c:ff:
99:fd:7b:0a:c4:68:c7:ff:4a:b6:e6:9a:4c:75:a4:d9:17:0a:
8f:bc:a5:97:c9:7a:35:ef:eb:3c:72:82:94:c7:44:99:e2:31:
28:de:14:f2:64:3d:f3:54:a3:2d:18:db:c8:46:65:db:b1:9c:
9f:2c:fa:1e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZBQ3ibp3UXX0rhQicxn0Z1tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwNjI1MTkyNzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjM5NzRlMTcwN2UxMzY3YTQzZDBjYjE1Zjc5NzYwNzM5NTEzM2MxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0pXlHnK32kE1vwgmPhF2z/8trPE1
Zd6Lor2f8DIgYkTEICQYLqOMPmbV7kIywvR8d/WbddyzsDkGFSNduZZ3aClPbd1H
CNmip4f/ELWfAQy2do8bjI7PgV92PO/V++2w7UYjebotWI064S5V6LgDBbO9ZOgK
nR82qt5cmR+sHmWRxEe0AHglBl7tgcnBWK1a6IqAySYOGmbKsgNIQ4odpFg5ampR
7klYiIV3wYuFLZXgqeChb0fO1MRUkaB8wjbIWIvM0Ja8GMoR7e+SR0SJ0WqSwsgK
mkMVMB0+5nDWgqHI93zMef87peXTRHxe+NgTmfAd6Uq/VgH5sDw8vWfnewIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMY5dOFwfhNnpD0MsV95dgc5UTPBMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEveGpsMDRYQi1FMmVrUFF5eFgzbDJCemxSTThFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg8VhAAC
MA0GCSqGSIb3DQEBCwUAA4IBAQC9Izshp45d3auCS+9EtCJ6BX5RS7DvQOR50lbf
gBGLIL4E52B6WS1m6RgEHCDDhJbKNgvKlADYd5u+DhiqLYbXy27A3eYRWv267v/W
FbArFoE4LP9JCsV6h/saqxX3igezbrNxpAGkMtzeK7PayuBngfcGebS0IOjvjWnv
+ZTEEOl/q+XNPbb7QK/xzcE72QCT6uoTN8Axm+xnJp1wFlnZnFwSriKWxaxKZaEX
qurKKnmQXH/WKIleHTncPHQSqKMqR9dGTP+Z/XsKxGjH/0q25ppMdaTZFwqPvKWX
yXo17+s8coKUx0SZ4jEo3hTyZD3zVKMtGNvIRmXbsZyfLPoe
-----END CERTIFICATE-----
Generated at Sun May 11 22:07:11 2025 by rpki-client